Apathy Meets Security - SC Magazine Apathy Meets Security ... Mobile Users Sacriﬁce Security for Convenience ... the rate of fraud these users experience

Independently produced by:

SMARTPHONES, TABLETS, AND FRAUD: When Apathy Meets Security

Sponsored by:


2

CONTENTS Overview ................................................................................................................................................................ 4

Key Findings ........................................................................................................................................................... 5

Recommenda ons ................................................................................................................................................. 6

Passwords: Mobile Users Sacrifice Security for Convenience ................................................................................ 7

Using Mobile Devices to Advance Authen ca on ................................................................................................. 9

Mobile Threats: Inside and Out ........................................................................................................................... 12

Understanding the Consequences ....................................................................................................................... 16

Methodology ........................................................................................................................................................ 18

TABLE OF FIGURES Figure 1: Number of Online Accounts Where the Same Password Is Used, by Mobile OS User ........................... 7

Figure 2: Use of Two‐Factor Authen ca on in Online Accounts, by Mobile OS User ........................................... 9

Figure 3: Biometric Method Preference, by Mobile OS User ............................................................................... 10

Figure 4: Use of Mobile Security Features, by Mobile OS User ........................................................................... 13

Figure 5: Incidence of Iden ty Fraud in Past 12 Months, by Mobile OS User ...................................................... 16


3

OVERVIEW Consumers rely on their mobile devices on an ever‐growing basis to keep them connected.

Smartphones and tablets provide them with access to each other through email,

messaging, and social media while also pu ng financial services and shopping in the palm

of their hands. And each and every one of these ac vi es holds value for criminals in search

of account creden als and personally iden fiable informa on (PII) to sell or misuse.

Unfortunately, for all of the poten al that mobile devices represent, the apathy of every

mobile stakeholder is undermining the security of mobile devices and the accounts of their

users. Protec ng Android, iOS, and Windows mobile device users from fraud will require a

concerted effort by all stakeholders to eliminate vulnerabili es, encourage security‐minded

behaviors, and to leverage all the security benefits that mobile devices have to offer.


4

KEY FINDINGS

Android, iOS, and Windows mobile users are undermining their security by reusing

passwords more o en than the average consumer. These mobile users are about 25%

more likely than all consumers to use the same password to access more than one

online account. This mo vates criminals to target them and their devices to secure

creden als with the expecta on that they will facilitate access to a variety of the

vic m’s valuable accounts and services.

Heavy reliance on one‐ me passwords is placing Android users’ financial accounts at

risk. Forty‐one percent of Android users take advantage of one‐ me passwords (OTPs)

with their financial accounts. The prevalence of mobile malware for Android capable

of intercep ng OTPs sent by text (i.e., Short Message Service or SMS) is contribu ng to

the rate of fraud these users experience.

Mobile users prefer fingerprint authen ca on, which bodes well for Apple and

Samsung. Fingerprint scanning is preferred by Android, iOS, and Windows mobile

users among the prevailing biometric modali es. Recent moves by Apple and Samsung

to expand fingerprint‐based authen ca on is likely to be well‐received and will

subsequently bolster the preference for this modality.

One in five or fewer Android, iOS, or Windows mobile device users are truly

protec ng their data from a physical intrusion. While using a password, or be er yet

a fingerprint, to protect the lock screen can effec vely deter some a empts to

physically access a mobile device, more safeguards are needed to dissuade

professional criminals. Unfortunately the use rates of remote‐wipe so ware and disk

encryp on are dishearteningly low.

Mobile users desperately want to protect their devices from vulnerabili es in

outdated OSs, but updates are not always convenient or available. Upda ng the OS

can be hampered by limited availability from carriers and manufacturers in the case of

Android or because of how an update has the poten al to undermine performance

a er installa on in the case of iOS.

Android and iOS users face a significantly higher rate of fraud than the average

consumer, but the reasons differ. Users in both camps display similarly poor password

and security habits, which are contribu ng to their risk of being vic mized. More

specifically, it is mobile malware that is spurring the fraud experienced by Android

users, while the a rac veness of iOS users’ income has placed them in the crosshairs

of fraudsters.


5

RECOMMENDATIONS

Use the effec ve authen ca on capabili es of the mobile device. To protect mobile

users and their accounts from the vulnerabili es associated with the use of passwords,

take advantage of hardware integrated into mobile devices to protect all channels.

More secure solu ons, such as those based on biometrics, can be delivered directly to

consumers without the cost of providing addi onal hardware.

Encourage the use of comprehensive security so ware. Comprehensive mobile

security so ware can help prevent a variety of threats. An ‐malware capabili es can

protect users from malicious apps designed to glean account creden als and other

sensi ve PII. Other features can include the ability to remotely wipe the device in the

event of the and no fying the user of any risky connec ons.

Be mindful of how OTPs are being used and sent. One‐ me passwords sent by SMS

are vulnerable to being intercepted and rerouted by mobile malware, while those

delivered through email could also be stolen should the account be compromised.

When using OTPs to protect valuable accounts, such as online banking, avoid sending

OTPs through either of these methods.

Educate consumers about how biometric data is protected and used. Fingerprint

scanning benefits from its long history, including its use by law enforcement and in

commercial applica ons and its popularity in film. Consumer concerns about the

privacy and effec veness of a biometric solu on can be relieved through educa on,

giving other modali es an opportunity to close the gaps in public awareness and

comfort.


6

PASSWORDS: MOBILE USERS SACRIFICE SECURITY FOR CONVENIENCE Passwords are the typical first line of defense for online accounts, and in some cases they

are the only means by which an account is secured from unauthorized access. Given the

breadth of available apps and services that mobile users have at their finger ps that require

a password, it is unsurprising that convenience has taken a back seat to security. Mobile

users have fallen into the “password trap,” reusing the same passwords for mul ple sites

and services. As a result, they are exposing their online accounts to a greater risk of

compromise and eventual misuse.

Regardless of which major opera ng system is being used, mobile device users are

undercu ng their own security at an alarming rate. More than six out of 10 Android (62%),

iOS (63%), and Windows (61%) mobile device users use the same password for more than a

single online account (see Figure 1). As a result, they are about 25% more likely than all

consumers to reuse a password, which has repercussions for the integrity of their iden es

and the security of their accounts.1

At least 6 in 10 Mobile Consumers Reuse Passwords Across Mul ple Accounts

Figure 1: Number of Online Accounts Where the Same Password Is Used, by Mobile OS User

5%

16%

8%

5%

19%

9%

39%

7%

14%

9%

6%

12%

14%

37%

7%

13%

9%

6%

11%

16%

38%

0% 10% 20% 30% 40%

more than 10

6 to 10

5

4

3

2

1

Android

iOS

Windows

October, 2013, n varies 169 to 2028Base: Consumers owning

online accounts by mobile OS.© 2014 Javelin Strategy & Research

Q61: How many of your online accounts do you use exactly the same password to access? Means number of accounts shown.


7

Password behaviors born of convenience have already mo vated criminals to breach

password lists, but the behavior of mobile users makes them and their devices more

a rac ve and vulnerable targets. This in turn places the types of services delivered through

mobile devices at substan al risk, including banking, email, online commerce, payments,

and social media. There is a domino effect: As criminals compromise the password of an

account and a empt to access it for immediate financial gain, they may also glean

addi onal bits of personally iden fiable informa on (PII) on a consumer and can

subsequently access other accounts or defraud a user’s contacts.

Passwords are cumbersome to manage, and even more so to enter on the keyboard of a

mobile device. To cope with the difficul es that passwords create, mobile users are

uninten onally undermining their own security. Fortunately there are effec ve alterna ves

that take advantage of the mobile devices themselves to provide ease of use and security

(see Advancing Authen ca on sec on, below). Implemen ng these alterna ves can

protect mobile users and their devices in ways that passwords cannot.


8

USING MOBILE DEVICES TO ADVANCE AUTHENTICATION The love affair between consumers and their mobile devices is undeniable. But despite the

allure of the latest advancements in mobile technology, consumers are accessing a variety

of apps and online services using outdated authen ca on techniques. Ironically, mobile

devices allow consumers and businesses to realize greater security by reducing the cost,

and increasing the effec veness and prac cality of newer authen ca on technologies. Yet

reaching that poten al will depend greatly on the wherewithal of consumers, along with

how they address implementa on and use challenges.

To address the weakness inherent in tradi onal passwords, many online sites have turned

to one‐ me passwords, but this solu on faces its own set of challenges. Consumers may

suppose that OTPs delivered through mobile devices improve the security of online services

because they have become standard for two‐factor authen ca on. Unfortunately SMS‐

based OTPs are being successfully targeted and compromised by mobile malware (see

Mobile Threats sec on, pg. 12). This represents a significant threat to the integrity of any

consumer’s account that relies on OTPs, but in par cular to the 41% of Android users who

use OTPs to protect their financial accounts (see Figure 2). Greater security can be achieved

by not delivering OTPs through SMS and instead using a dedicated app to circumvent the

threat of malware interdic on.

More Than 4 in 10 Android Users Poten ally Face Fraud Threat From Two‐Factor Authen ca on for Financial Accounts

Figure 2: Use of Two‐Factor Authen ca on in Online Accounts, by Mobile OS User

15%

21%

30%

45%

37%

6%

11%

22%

35%

43%

5%

11%

21%

34%

41%

0% 10% 20% 30% 40% 50%

Business email accounts

Any other personal email accounts

Social media accounts

Primary personal email account

Financial accounts

Android

iOS

Windows

Q66: Are you currently enrolled in two‐factor authentication for any of the following account types?

October, 2013, n varies 171 to 2048Base: Consumers by mobile OS.

© 2014 Javelin Strategy & Research


9

As another alterna ve to passwords, biometric authen ca on has immense promise when

delivered through a mobile device. Mobile devices are uniquely suited to facilita ng a wide

variety of biometric solu ons, including facial and voice recogni on, through the use of

their integrated cameras and microphones. In addi on, the two largest mobile device

manufacturers, Apple and Samsung, have both integrated fingerprint‐scanning sensors

within their flagship smartphones. The integra on of all of these hardware capabili es into

ubiquitous mobile devices alleviates two of the most significant impediments to the mass

adop on of biometrics: user convenience and cost to deploy.

Despite the benefits that can be achieved when delivering biometric solu ons through

mobile devices, consumers do not value each modality equally. Indica ve of their long

history and the level of trust bred by familiarity, Android, iOS, and Windows mobile users

most prefer fingerprint scanning (34%, 38%, and 30%, respec vely) (see Figure 3). In

addi on to Samsung’s partnership with PayPal, Apple’s recent announcement of the use of

Touch ID to authen cate mobile wallet transac ons will have a significant effect on this

trend.2 The experience of consumers at the point of sale with this modality will further

bolster trust as fingerprints replace personal iden fica on numbers (PINs) for securing

mobile wallets across a variety of devices over the long term. While fingerprint scanning

has a considerable head start, compe ng modali es have a similar opportunity, but only if

they can breed trust among consumers, especially in how they protect the privacy of

biometric data.3

The Most Established Biometric Technology, Fingerprints, Is Preferred

Figure 3: Biometric Method Preference, by Mobile OS User

Q38: Which of the following biometric methods would you most prefer to use to authenticate your identity online?

August, 2013, n varies 112 to 988Base: Consumers by mobile OS.


8%

16%

9%

11%

10%

16%

30%

8%

23%

4%

6%

7%

13%

38%

12%

25%

3%

5%

7%

13%

34%

0% 10% 20% 30% 40%

I would not use any of these methods

I do not have a preferred biometricauthentication method

Palm (including hand geometry and veinanalysis)

Voice

Facial recognition

Eye (including iris, vein mapping andretina)

Fingerprint

Percentage of consumers

Android

iOS

Windows


10

Mobile devices have changed the way that consumers communicate and interact with

businesses, yet all too o en these rela onships are predicated on both par es’ trust in

rudimentary security measures. Fortunately, consumers and businesses can both derive

significant security benefits from the inherent and growing capabili es of these devices. By

rendering passwords obsolete, apps and online services will be less prone to fraud, no

longer to be compromised by criminals with breached creden als in hand.


11

MOBILE THREATS: INSIDE AND OUT Mobile devices can conveniently deliver a variety of services directly to the hands of

consumers, just as they can provide another convenient avenue by which criminals can get

their hands on valuable data. Highly sought‐a er for the commission of fraud, sensi ve PII

and account creden als are both stored in and transmi ed through smartphones and

tablets, as consumers use these devices for financial services, m‐commerce, and social

media. Unfortunately, the mobile security habits of these same consumers can allow

criminals direct access to the contents of these devices, placing the integrity of consumer

accounts and iden es at risk.

Consumers face threats to the security of their devices from the digital and physical worlds.

While there are some immensely pervasive threats, including malicious Wi‐Fi hotspots,

mobile malware, and physical intrusions, the security habits of consumers can drama cally

compound the damage done when a criminal uses one of these threat vectors to

compromise mobile users or their devices.

Threat: Malicious or Unsecured Wi‐Fi Hotspots Malicious hotspots masquerading as legi mate access points provided to customers at

loca ons such as hotels or coffee shops are designed to intercept the transmissions of

connected devices. Even benign hotspots can be nearly as dangerous if le unsecured.

Consumers using smartphones and tablets connected to these hotspots may have any

unencrypted data intercepted, including account creden als and other PII. Even in those

instances where the app or online services in use appear to be encrypted, vulnerabili es

may s ll exist in the implementa on of the encryp on, exposing data to the and misuse.

Compounding Behavior: Consumers using Android, iOS, and Windows mobile devices all display a similar disposi on

to reusing passwords across mul ple online accounts (see Password sec on, pg. 6). As a

result, using a malicious or unsecured hotspot with a mobile device could expose one or

more passwords to the , poten ally facilita ng unauthorized access to a mul tude of

accounts and services.


12

Threat: Mobile Malware Millions of instances of malware and high‐risk apps specifically geared toward mobile

devices are being delivered under the guise of legi mate apps, through compromised

websites, or through email.4 Besides being able to access a device’s internal storage, some

mobile malware (such as the Bugat trojan or the mobile variant of the formidable Zeus

trojan called ZitMo) can capture and redirect SMS texts, allowing criminals to circumvent

authen ca on schemes that rely on this channel to deliver one‐ me passwords.5,6,7

Compounding Behavior: Older versions of mobile opera ng systems o en contain vulnerabili es that can be used

by malware, but fortunately 71% of Android, 75% of iOS, and 68% of Windows mobile

device users update their devices’ OS when one is available (see Figure 4). Android owners

can be le in the lurch, though: Whether to make an update available for a par cular

device is o en up to manufacturers and carriers, not Google. iOS users are somewhat

be er off, yet updates are notorious for draining the ba ery of older devices, and that

might discourage the prac ce.8

Android, iOS, and Windows Mobile Device Users Display Similar Security Habits, With a Few Notable Differences

Figure 4: Use of Mobile Security Features, by Mobile OS User



15%

21%

20%

17%

39%

31%

43%

53%

68%

11%

18%

12%

20%

34%

36%

34%

58%

75%

11%

14%

14%

17%

33%

34%

42%

49%

71%

0% 10% 20% 30% 40% 50% 60% 70% 80%

Own a service that allows you to encrypt the data onyour mobile device

Download new apps which do not have many reviews

Download apps from sites other than your OS's officialapp store

Own software or a service that allows you to remotelywipe your device

Change your password regularly

Save login info for apps or websites

Use antivirus software

Use a password

Update your OS as soon as updates become available

Percentage of consumers

Android

iOS

Windows


13

Unofficial app stores do not have controls as comprehensive as those of Apple, Google, or

Microso . The result is that malicious apps are more likely to appear in unofficial stores,

and the Android (14%), iOS (12%), and Windows (20%) mobile device users who are using

these stores to download unofficial apps — including rogue banking apps — may each be

inadvertently placing their creden als directly into the hands of criminals as a result (see

Figure 4).

Security so ware with an virus and an ‐malware capabili es is an effec ve hedge against

mobile device infec on, yet fewer than half of Android, iOS, and Windows mobile device

users (see Figure 4) are taking advantage. The iOS user responses are not completely

telling, though, because iOS sandboxing renders the an ‐malware capability of security

apps largely ineffec ve, even though iOS users who choose to download third‐party apps

run the risk of infec on.9 Security apps can include a number of other func ons, though,

including the ability to iden fy unsecured connec ons.10

Threat: Physical Intrusion Mobile devices are under a ack not only through their wireless connec ons; they also

make temp ng targets for criminals in the physical world. The pe y the of smartphones

has placed major ci es’ crime rates under significant pressure, forcing calls for device

manufacturers to integrate a kill switch to render them useless in the case of the . –

California recently ins tuted just such a law.11 Consumers’ mobile devices may also prove

hard for certain personal acquaintances to ignore; familiar fraud12 could occur when a

mobile device is unknowingly used by a friend or family member to access financial

services, m‐commerce, or mobile wallet func ons.

Compounding Behavior: Making a mobile device inaccessible can dissuade a dishonest acquaintance from even

a emp ng to access it in the first place. iOS users are the most likely to protect their device

with some sort of password (58%), and their lock screen can be further secured by using

Touch ID if they have a compa ble device (see Figure 4). While some Samsung devices offer

the same convenience, the remainder or mobile devices must rely on more pedestrian

means of securing the lock screen. And for consumers without a fingerprint scanner who

choose to rely on passwords instead, they can s ll be vic mized by an acquaintance if they

are able to glean or guess the password. This makes upda ng passwords regularly an


14

important prac ce, but only about one‐third of Android, iOS, and Windows mobile device

users update them regularly, (see Figure 4).

Securing the lock screen of a mobile device may prove to be less of an impediment to

professional thieves who are intent on gaining access to the PII contained therein. In these

instances, solu ons that render the mobile device una ainable or unusable are more

effec ve. Yet among all the security habits examined, these solu ons are some of the least

used: Remote‐wipe so ware is used by 17% of Android, 20% of iOS, and 17% of Windows

mobile device users, and disk encryp on is used by 11% of Android, 11% of iOS, and 15% of

Windows mobile device users (see Figure 4).


15

Ul mately, the mul tude of threats facing mobile devices and the habits of their users are

conspiring to create an environment where fraud can flourish. Not every device owner

experiences fraud at similar rates, though (see Figure 5):

Among Windows mobile device users, 4.8% experienced iden ty fraud in 2013, which

is 10% below the rate at which all consumers were vic mized (5.4%).13 This can

par ally be a ributed to the smaller share of the mobile device market they

represent, which makes them less a rac ve targets, but could also be the result of

other factors such as the use of non‐SMS‐based two‐factor authen ca on common to

Microso services, such as Outlook (see Mobile Authen ca on sec on, pg. 8).

Android users face the most serious threat from malware and are placing their

financial accounts at risk when relying on SMS‐based OTPs for authen ca on (see

Mobile Authen ca on sec on, pg. 8), both of which contribute to a rate of iden ty

fraud that is 31% higher than what all consumers experienced last year (7.1% vs. 5.4%,

respec vely).

Despite owning devices far less prone to malware infec on than Android, 7.3% of iOS

users experience iden ty fraud that is 36% higher than average (5.4%). This is because

of their substan al market share, which makes them higher profile targets, the use of

Apple services, which rely heavily on a single set of creden als, and users that have

higher‐than‐average incomes, which make them more a rac ve to fraudsters.14

Android and iOS Users Experience a Rela vely High Rate of Iden ty Fraud

Figure 5: Incidence of Iden ty Fraud in Past 12 Months, by Mobile OS User

7.1% 7.3%

4.8%

0%

1%

2%

3%

4%

5%

6%

7%

8%

9%

10%

Android iOS Windows

Fraud inciden

ce rate

Q5. In what month and year did you DISCOVER that your personal or financial information had been misused? In the past 12 months



UNDERSTANDING THE CONSEQUENCES


16

Facing significantly higher rates of fraud, Android and iOS users alike must improve their

security posture if they are to have any hope of reversing this trend. While users can be

encouraged to change their behaviors, some improvements can only be achieved in concert

with the efforts of carriers, device manufacturers, and the businesses that use the mobile

channel to reach their customers. Every stakeholder shares in the responsibility for the

success — or failure — of protec ng mobile devices and their users from fraud.


17

METHODOLOGY

2013 Iden ty Fraud Survey Data Collec on Javelin’s ID Fraud survey was historically fielded as a landline survey using computer‐

assisted telephone interviewing (CATI). At the me of the survey’s incep on in 2003,

landlines provided a rela vely comprehensive coverage of the U.S. popula on. However,

with the advent of me and technology, landline coverage has been shrinking — thus the ID

Fraud survey has had increasingly less penetra on into the younger, more mobile

popula on. Cognizant of this shi , in 2011 Javelin fielded the ID Fraud survey through the

KnowledgePanel®. Javelin con nued to use KnowledgePanel for our 2013 ID fraud survey in

order to obtain the most representa ve sample of U.S. adults.

KnowledgePanel is the only probability‐based online panel in the U.S. Through mail, the

panel recruits households with no access to Internet (at the me of recruitment) as well as

cell phone‐only households. The panel offers a mix of RDD‐based recruitment (1999–

present) and address‐based sampling (introduced in 2008 and rolled out in full in 2009).

The 2013 ID Fraud survey was conducted among 5,634 U.S. adults over age 18 on

KnowledgePanel; this sample is representa ve of the U.S. census demographics

distribu on, recruited from the Knowledge Networks panel. Data collec on took place from

Oct. 9 to Oct. 30, 2013. Final data was weighted by Knowledge Networks, while Javelin was

responsible for data cleaning, processing, and repor ng. Data is weighted using 18+ U.S.

Popula on Benchmarks on age, gender, race/ethnicity, educa on, census region, and

metropolitan status from the most current CPS targets.

Margin of Error For ques ons answered by all 5,634 respondents, the maximum margin of sampling error is

+/‐ 1.31 percentage points at the 95% confidence level. For ques ons answered by all 936

iden ty fraud vic ms, the maximum margin of sampling error is +/‐ 3.20 percentage points

at the 95% confidence level.


18

ENDNOTES 1 2014 Iden ty Fraud Report: Card Data Breaches and Inadequate Consumer Password Habits Fuel Disturbing Fraud Trends, Javelin Strategy & Research, February 2014.

2 h ps://www.apple.com/iphone‐6/touch‐id/, accessed Aug. 19, 2014.

3 Biometrics in Banking and Payments: Versa le Voice Faces an Apple‐Led Fingerprint Revolu on, Javelin Strategy & Research, January 2014.

4 h p://www.scmagazine.com/new‐drive‐by‐download‐android‐malware‐discovered‐by‐researchers/ar cle/334475/, accessed Sept. 7, 2014.

5 h p://blog.trendmicro.com/trendlabs‐security‐intelligence/mobile‐malware‐and‐high‐risk‐apps‐reach‐2m‐mark‐go‐for‐firsts/, accessed Sept. 7, 2014.

6 h p://www.americanbanker.com/issues/178_111/new‐breed‐of‐banking‐malware‐hijacks‐text‐messages‐1059745‐1.html, accessed Sept. 7, 2014.

7 h p://www.informa onweek.com/mobile/zeus‐banking‐trojan‐hits‐android‐phones/d/d‐id/1098909?, accessed Sept. 19, 2014.

8 h p://www.entrepreneur.com/ar cle/232335, accessed Sept. 7, 2014.

9 h p://nakedsecurity.sophos.com/2014/08/22/apple‐ios‐malware‐gets‐onto‐75000‐iphones‐steals‐ad‐clicks/, accessed Sept. 7, 2014.

10 h p://www.eweek.com/c/a/Security/10‐iOS‐Security‐Apps‐to‐Protect‐Your‐iPhone‐iPad‐from‐Hackers‐492794/, accessed Sept. 7, 2014.

11 h p://bits.blogs.ny mes.com/2014/08/25/california‐governor‐signs‐law‐requiring‐a‐kill‐switch‐on‐smartphones/?_php=true&_type=blogs&_r=0, accessed Sept. 7, 2014.

12 Familiar fraud is the commission of iden ty fraud by someone personally known to the vic m.

13 2014 Iden ty Fraud Report: Card Data Breaches and Inadequate Consumer Password Habits Fuel Disturbing Fraud Trends, Javelin Strategy & Research, February 2014.

14 2012 Mobile Security: Android and iPhone Are A rac ve Fraud Targets in $20B Mobile Payments Market, Javelin Strategy & Research, November 2012.


19

ABOUT JAVELIN Javelin Strategy & Research, a division of Greenwich Associates, provides strategic insights

into customer transac ons, increasing sustainable profits and crea ng efficiencies for

financial ins tu ons, government agencies, payments companies, merchants, and other

technology providers. Javelin’s independent insights result from a uniquely rigorous three‐

dimensional research process that assesses customers, providers, and the transac ons

ecosystem.

Authors: Al Pascual, Senior Analyst, Fraud & Security

Publica on Date: September 2014

Editor Chuck Ervin

This white paper was sponsored by Nok Nok Labs. The white paper was independently

produced by Javelin Strategy & Research, a Greenwich Associates LLC company. Javelin

maintains complete independence in its data collec on, findings, and analysis.

Documents

Apathy Meets Security - SC Magazine Apathy Meets Security ... Mobile Users Sacriﬁce Security for Convenience ... the rate of fraud these users experience